HMSA Credentialing Cover Letter Dear Provider, Health Management Systems of America (HMSA) is very pleased to consider your application to join our network of providers. HMSA s participation criteria for clinical staff serving EAP clients include: A minimum of a Master s degree in an appropriate clinical discipline. Three or more years of post-graduate degree experience. Services to be rendered in a professional office, not in a home office. Must have access to email or fax. State licensure/certification in the state(s) where services are to be rendered. Please note that an agency s license to practice does not substitute for this requirement Please complete and return the following documents so that your application can be processed: 1. Provider Information Summary 2. Agreement and Certification of Equal Employment Opportunity 3. HIPAA Business Associate Agreement 4. Letter of Agreement 5. Insurance Verification Form 6. Current copy of State License 7. Current copy of Liability Insurance 8. Completed W-9 form The above information can be faxed to 313-962-0313, or mailed to Attn: HMSA Provider Relations Department 601 Washington Blvd, Detroit, MI 48226 Once you are an established provider you can update your credentials at www.hmsaproviders.com. If you have any questions, please feel free to call us at 877-366-5552 or email us at providers@hmsanet.com. Please allow 4 to 6 weeks for your application to be processed. Sincerely, HMSA Provider Relations Department HMSA 601 Washington Boulevard Detroit, Michigan 48226-3130 Phone: 877-366-5552 Fax: 313-962-0313 www.hmsaproviders.com
Provider Summary Information HMSA EAP Provider Application EAP rate is $65 per sixty minute session. If interested in the Michigan Gambling Program, email providers@hmsanet.com for an application. Group Individual New Provider Existing Provider Last Name: First Name: Agency Name: Mailing/Billing Address: City: State: Zip: 1 st Office Address: City: State: Zip: Office: ( ) - ext: Fax: ( ) - 2 nd Office Address: City: State: Zip: Office: ( ) - ext: Fax: ( ) - Email: Cell: ( ) - Handicap Accessible Parking FEIN / Tax ID #: Completed Education: Masters Doctoral Liability: Carrier: Policy # Single: Aggregate: Effective: / / Expires: / / Licensure: Type: License # Expires: / / State: Years of Experience: Credentials: CEAP NASW Eaprefer Website: Health Management Systems America www.hmsaproviders.com Provider Relations Department www.hmsanet.com Page 1 of 3 Phone 877-366-5552 Fax 313-962-0313
Provider Summary Information SERVICES/LEVEL OF CARE MH OP- Individual SA OP- Individual - Couples SA IOP MH OP - Family SA OP - Group Video/Online Counseling Relapse Prevention Group SPECIALIZATIONS Anger Management Anxiety Disorders Attention Deficit Disorders Child/Adolescent Disorders CISM Domestic Violence Dual Diagnosis Eating Disorders Fitness-For-Duty Gambling Addictions Gay/Lesbian Issues Geriatric Self-Harming Marital/Couples Issues Mood Disorders Obsessive Compulsive Disorders Pain/Illness Management Personality Disorders Psychological/Sexual Abuse Grief/Loss Issues Psychotic Disorders Religious Counseling Sexual Issues Substance Abuse Disorders Terminal Illness CLIENT AGE GROUP -5-12 -17-64 -110 OFFICE HOURS Morning Weekend Earliest appointment: Latest appointment: Health Management Systems America www.hmsaproviders.com Provider Relations Department www.hmsanet.com Page 2 of 3 Phone 877-366-5552 Fax 313-962-0313
Provider Summary Information LANGUAGES Arabic Bengali Chinese (Cantonese) Chinese (Mandarin) Creole Czech English French German Greek Haitian Hebrew Hindi Italian Japanese Korean Latin Malay-Indonesian Persian Polish Portuguese Punjabi Russian Sign Language Spanish Tagalog Thai Vietnamese HMSA TRAININGS (optional) Only fill out this section if you agree to provide the following training services to employers in your area through HMSA at a flat rate of $150 for an hour presentation (includes travel expenses and preparation time)*. Click all that apply. Anger Management Drug Free Workplace Supervisor Balancing Work and Family Drug Free Workplace Employee Burnout EAP Overview Workplace Violence Caring for the Caretaker Positive Mental Attitude Conflict Resolution Quit Smoking Coping with Change Sexual Harassment Coping with Change in the Workplace Stress Management Dealing with Loss and Grief Substance Abuse Awareness Employee Diversity: Finding Common Ground Substance Abuse Awareness Supervisor Do We Understand Each Other? Supervisory Overview *HMSA will provide all training materials. By submitting this application you are agreeing to HMSA s terms and conditions, as well as our policies and procedures regarding referrals and claim payments. For more information, visit www.hmsaproviders.com. Authorized Signature: Date: Print Name: Health Management Systems America www.hmsaproviders.com Provider Relations Department www.hmsanet.com Page 3 of 3 Phone 877-366-5552 Fax 313-962-0313
Letter of Agreement HMSA EAP Letter of Agreement THIS LETTER OF AGREEMENT is made and entered into, by, and between HEALTH MANAGEMENT SYSTEMS OF AMERICA, (hereinafter referred to as 'HMSA'), whose address is 601 Washington Blvd, Detroit, Michigan 48226 and (hereinafter referred to as 'Provider') with offices at. WHEREAS, Provider provides assessment, referral and counseling services that are appropriate for identified employees; NOW, THEREFORE, the parties agree to the following: 1. The Provider will provide the following services to referred employees: - Assessment of presenting problem(s). - Intervention and/or short-term counseling that is primarily problem solving in nature, for employees, as appropriate and authorized. - The assessment, referral and short-term problem solving counseling, as well as crisis counseling services, will be at no charge to the employee when authorized by HMSA. Longer term counseling when appropriate will be the financial responsibility of the employee. - Services must take place in a professional office space and not in a home office. - Referral to community resources as appropriate. - 36-hour accessibility for referred clients. 2. HMSA requires that all clinical staff minimally possess a Master s degree in social work or Ph.D in Psychology (or other behavioral health field) and at least three (3) years of post-graduate experience in the field of mental health and/or behavioral medicine/substance Abuse. 3. The Provider shall be duly licensed or certified to render services to Covered Individuals, shall maintain himself/herself in good professional standing at all times, and shall be otherwise fit and competent to render Covered Services. Evidence of such licensure or certification shall be submitted to HMSA upon request. The Provider agrees that any employee or agent of the Provider who renders services to Covered Individuals pursuant to this Agreement shall have the appropriate license and/or certification to render such service and shall abide by the Articles of this Agreement. The Provider must have state licensure/certification in the state(s) where services are to be rendered. Please note an agency s license to practice does not substitute for this requirement. HMSA Provider Relations Department 601 Washington Boulevard Detroit, Michigan 48226-3130 Page 1 of 3 1-877-366-5552 Phone 313-962-0313 Fax www.hmsaproviders.com www.hmsanet.com
Letter of Agreement 5. HMSA will act as the case manager for all referred employees. HMSA will provide pertinent information related to the referral, including health insurance information when appropriate, and will accept from the Provider periodic reports on referred employees as allowed by confidentiality requirements. 6. HMSA will refer clients for initial assessment plus follow up sessions. The Provider must have access to email or fax in order to receive authorizations and paperwork. Authorization forms will be sent for each initial referral and must be received prior to rendering services. Short-term counseling shall not exceed the number of authorized sessions. 7. The Provider can request re-authorization if a client has more sessions available within their benefit. HMSA will not contact the Provider for re-authorization; therefore, it is the responsibility of the provider to obtain all authorizations prior to rendering services. In cases where short-term counseling is appropriate a treatment plan may be required. Requesting re-authorization does not guarantee approval. The HMSA case manager must approve ongoing short-term counseling and the Provider must receive another authorization form with new sessions authorized. Any short-term counseling provided without the authorization of the HMSA case manager will not be reimbursed. The Provider shall hold client harmless from payment for services rendered if the provider has failed to obtain prior authorization when the client has been referred for services directly from HMSA. 8. The Provider must contact HMSA after the first session if the client has been formally referred or mandated by a supervisor or medical department for an assessment. It is imperative that the Release of Information form be procured and signed by the client to you and HMSA. Information that needs to be relayed to the supervisor or medical department should be specifically discussed with the HMSA counselor so that the supervisor or medical department can be updated regarding the status of the client. Only HMSA should communicate with the client s supervisor or medical department. 9. Direct face-to-face authorized services of assigned employees (EAP Assessment and Short Term Problem Resolution sessions). HMSA will reimburse at the rate of $65 per sixty (60) minute session unless otherwise negotiated. Reimbursement is not made for "no-shows" or "cancellations". Providers are prohibited from seeking payment for services directly from the employee/client for any unauthorized sessions within the client s benefit nor for any amount above the agreed upon rate. 10. When acting as an EAP resource in providing assessments and short-term problem resolution, the Provider is asked to submit all invoices at the conclusion of the episode, unless otherwise arranged. The Provider must submit an HMSA Discharge Summary along with claims after the last session or when EAP sessions are exhausted whichever comes first. In the event of overpayment, reimbursement to HMSA is required within 30 days and may be accomplished through direct repayment or future claim offset. Providers seeking retroactive authorization will be denied. Claims received after 90 days from the last DOS will not be reimbursed. 11. Provider is prohibited from soliciting any direct services from clients or client companies introduced through HMSA. 12. Provider agrees to follow HMSA s terms and conditions, as well as policies and procedures regarding referrals and claim payments. HMSA Provider Relations Department 601 Washington Boulevard Detroit, Michigan 48226-3130 Page 2 of 3 1-877-366-5552 Phone 313-962-0313 Fax www.hmsaproviders.com www.hmsanet.com
Letter of Agreement 13. Provider agrees to fully cooperate with HMSA's Quality Improvement Plan. The Provider recognizes that HMSA is fully committed to operate programs to assure the quality of, and review the use of, services delivered by providers of care. The Provider agrees to provide HMSA (or its designee) with access to and copies of Covered Individual's records to perform on-site and off-site review of said records and the Provider's physical site either concurrent with or after rendition of service. The Provider agrees to comply with all applicable licensing and accreditation requirements and HMSA's corresponding programs, policies and procedures concerning quality assurance. 14. This agreement can be terminated with or without cause by either party upon sixty (60) days written notification to the other party. HEALTH MANAGEMENT SYSTEMS OF AMERICA Executed on this day of, Signature of Provider Name and Title (please print) Signature of HMSA Dennis G. Rice, Executive Vice President Name and Title Agency Name Witness Phone Number (with Area Code) Witness HMSA Provider Relations Department 601 Washington Boulevard Detroit, Michigan 48226-3130 Page 3 of 3 1-877-366-5552 Phone 313-962-0313 Fax www.hmsaproviders.com www.hmsanet.com
Health Management Systems of America AGREEMENT AND CERTIFICATION EQUAL EMPLOYMENT OPPORTUNITY Since Health Management Systems of America (HMSA) is a government contractor, it our obligation to fulfill the requirements outlined below and seek our providers to comply accordingly. This certificate shall be renewed annually. Notwithstanding the ongoing, the certifications made herein shall remain applicable until completion of all non-exempt subcontracts awarded while this certificate is in effect. The undersigned Supplier certifies the following to HMSA, hereinafter referred to as Buyer, and agrees that, when applicable, the following will become a part of every Contract, Agreement and/or Purchase Order received by the Supplier from the Buyer. 1. EQUAL EMPLOYMENT OPPORTUNITY PROVISIONS In accordance with Executive Order No. 11246, dated September 24, 1965, as amended by Executive Order No. 11375, dated October 13, 1967, Executive Order No. 11478, dated August 8, 1968, Executive Order No. 12086, dated October 5, 1978 and U.S. Code of Federal Regulations, Title 41-- Public Contracts and Property Management, Chapter 60 -- Office of Federal Contract Compliance, Equal Employment Opportunity, Department of Labor, Part 60-1-- Obligations of Contractors and Subcontractors, the parties include in this contract the following understanding and agreement: A. For Contracts, Agreements or Purchase Orders exceeding $10,000 -- Equal Employment Opportunity Clause. During the performance of this contract the Supplier agrees that the provisions of Section 202 of Executive Order 11246, as amended, Nondiscrimination in Employment by Government Contractors and Subcontractors, and 41 CFR Section 60-1.4, Equal Opportunity Clause, are hereby incorporated herein by reference to the same extent and with the same force and effect as if set forth herein in full. B. For Contracts, Agreements or Purchase Orders exceeding $10,000 -- Certification of Non-segregated Facilities. During the performance of this contract, the Supplier agrees that the provisions of 41 CFR, Section 60-1.8, as amended, Segregation facilities, are hereby incorporated herein by reference to the same extent and with the same force and effect as if set forth herein in full. C. For Contracts, Agreements or Purchase Orders exceeding $50,000 with Supplier with 50 or more employees -- Affirmative Action Program Certification and Reporting Requirements. During the performance of this contract, the Supplier agrees that if it anticipates sales in connection with Government contracts of $50,000 or more and if it has 50 or more employees, the provisions of 41 CFR, Section 60-1 -40, as amended. Affirmative Action Compliance Programs and 41 CFR Section 60-1.42, as amended. Notices to be Posted, are hereby incorporated herein by reference to the same extent and with the same force and effect as if set forth herein in full. Page 1 of 2 Equal Opportunity Certification
Health Management Systems of America EQUAL EMPLOYMENT OPPORTUNITY CERTIFICATION II. EMPLOYMENT OF THE HANDICAPPED CLAUSE In accordance with Section 503 of the Rehabilitation Act of 1973, as amended by the Rehabilitation Act Amendments of 1974, and U.S. Code of Federal Regulations: Title 41 -- Public Contracts and Property Management. Chapter 60 - Office of Federal Contract Compliance, Equal Employment Opportunity, Department of Labor, Part 60-741, Affirmative Action Obligations of Contracts and Subcontractors, as such may be amended from time to time. The parties included in this contract the following understanding and agreement: A. For Contracts, Agreements or Purchase Orders Exceeding $2,500 - Affirmative Action Clause. During the performance of this contract, the Supplier agrees that for all contracts exceeding $10,000 the provisions of 41 CFR, Section 60-741- 4 as amended. Affirmative Action Clause, and 41 CFR, Section 60-741-3 as amended. Coverage and Waivers are hereby incorporated herein by reference to the same extent and with the same force and effect as if set forth herein in full. III. EMPLOYMENT OF DISABLED AND VIETNAM - ERA VETERANS CLAUSE In accordance with Section 402 of the Vietnam Era Veterans Readjustment Assistance Act of 1974, and U.S. Code of Federal Regulations, Title 41 -- Public Contracts and Property Management, Chapter 60, Part 60-250, Affirmative Action Program for Disabled Veterans and-veterans of the Vietnam Era, as such may be amended from time to time, the parties include in this contract the following understanding and agreement: A. For Contracts, Agreements or Purchase Orders exceeding $10,000 - Affirmative Action Clause. During the performance of this contract, the Supplier agrees that for all contracts exceeding $10,000 the provisions of 41 CFR, Section 60-250.4, as amended. Affirmative Action Clause, and 41 CFR, Section 60-250- 3, as amended. Coverage and Waivers, are hereby incorporated herein by reference to the same extent and with the same force and effect as if set forth herein in full. Signature of Provider Name and Title (please print) Agency Name Witness Page 2 of 2 Equal Opportunity Certification
HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement (this Agreement ) is entered into on, between Health Management Systems, Inc. ( HMSA, doing business as Health Management Systems of America) and (in its role as a business associate, Business Associate ). RECITALS: Whereas, the Health Insurance Portability and Accountability Act of 1996, as amended, and related regulations (collectively, HIPAA ) require that covered entities and their business associates enter into written contracts concerning the use and disclosure of protected health information ( PHI ) and the security of PHI and electronic PHI, which the business associate may receive, create, use, maintain, have access to or transmit in the course of providing services for the covered entity; and Whereas, Business Associate is [an employee assistance program counselor who provides medical and mental health assessments, short-term counseling and referring HMSA clients for appropriate treatment where necessary] on behalf of HMSA, and during the course of HMSA s business relationship with Business Associate, Business Associate may have access to PHI and/or electronic PHI received, created, maintained, used or disclosed by HMSA relating to HMSA s clients; and Whereas, the parties now desire to amend and restate any prior Business Associate Agreement entered into with Business Associate, to ensure that Business Associate will comply with applicable restrictions on the use and disclosure of any PHI and electronic PHI to which Business Associate may have access as a direct or indirect result of its business relationship with HMSA and to incorporate applicable requirements of the HIPAA omnibus final rule, published January 17, 2013, reflecting changes to the Privacy Rule, Security Rule, and HITECH. Now, therefore, HMSA and Business Associate agree to the following terms effective as of the date first above written: 1. Definitions. Capitalized terms used herein are defined as follows: (a) (b) Agreement means this Agreement and each exhibit, schedule, appendix and addendum, if any, attached hereto and incorporated herein by reference. Breach means the unauthorized acquisition, access, use or disclosure of Unsecured PHI in a manner not permitted under Subpart E of 45 CFR 164, which compromises the security or privacy of the PHI. Breach excludes: (i) any unintentional acquisition, access, or use of PHI by a person working under the authority of Business Associate, if the acquisition, access, or use was made in good faith and within the scope of authority and does not result in further use or disclosure in a manner not permitted by this Agreement or the HIPAA Rules; 2467681.1 1
(ii) (iii) any inadvertent disclosure by an authorized person at Business Associate to another authorized person also working at Business Associate, and the information received is not further used or disclosed in a manner not permitted by this Agreement or the HIPAA Rules; a disclosure of PHI to an unauthorized person that the unauthorized person would not, in Business Associate s good faith belief, reasonably have been able to retain. (c) (d) Business Associate has the meaning given to such term at 45 CFR 160.103 and in reference to the party to this Agreement means [insert name of Business Associate]. Electronic Protected Health Information or EPHI means Protected Health Information transmitted or maintained in electronic media. (e) HIPAA means, collectively, the Health Insurance Portability and Accountability Act of 1996, as amended, and regulations promulgated thereunder. (f) (g) (h) (i) (j) (k) (l) (m) HIPAA Rules means the Privacy, Security, Breach Notification and Enforcement Rules at 45 CFR 160 and Part 164. HITECH means the Health Information Technology for Economic and Clinical Health Act, Title XIII of the American Recovery and Reinvestment Act of 2009. Individual means the person who is the subject of PHI. Privacy Rule means the Standards for Privacy for Individually Identifiable Health Information at 45 CFR 160 and 164, Subparts A and E. Privacy Official means the individual who is responsible for the development and implementation of HMSA s privacy policies and procedures and in reference to the party to this Agreement means [insert name of HMSA s Privacy Official]. Protected Health Information or PHI means any information, including genetic information, whether oral or recorded in any form or medium: (i) that relates to an individual s past, present or future physical or mental condition; the provision of health care to an individual; or the past, present or future payment for the provision of health care to an individual, and (ii) that identifies the individual or with respect to which there is a reasonable basis to believe the information can be used to identify the individual, and shall have the meaning given to such term under HIPAA. Protected Information means PHI and EPHI provided by HMSA to Business Associate or created or received by Business Associate on HMSA s behalf. Required by Law has the same meaning given to the term required by law under HIPAA including, but not limited to, 45 CFR Section 164.103. 2467681.1 2
(n) (o) (p) (q) Secretary means the Secretary of the United States Department of Health and Human Services ( HHS ) or his designee. Security Incident means the attempted or successful unauthorized access, use, disclosure, modification or destruction of information or interference with system operations in an information system, as provided in 45 CFR 164.304. Security Rule means the Security Standards for the Protection of Electronic Protected Health Information and Implementation Specifications at 45 CFR Part 160 and Part 164, subpart C. Unsecured PHI means PHI not secured through the use of technology or methodology specified by the Secretary of the Department of Health and Human Services, as provided in, 42 USC Section 17932(h). 2. Permitted Uses and Disclosures of PHI by Business Associate. (a) Business Associate may use and disclose Protected Information as set forth in Exhibit A attached to, and forming a part of, this Agreement, and may use Protected Information for its proper management and administration and to carry out its legal responsibilities, provided that: (i) (ii) the disclosure is Required by Law, or Business Associate obtains reasonable assurance from any person to whom, or entity to which, Business Associate will disclose Protected Information that the person or entity will (y) hold the Protected Information in confidence and use or further disclose the Protected Information only for the purpose for which Business Associate disclosed Protected Information to the person or entity or as Required by Law, and (z) promptly notify Business Associate of any instance of which the person or entity becomes aware that the confidentiality of Protected Information has been Breached. (b) When using, disclosing or requesting Protected Information from another covered entity or another business associate, Business Associate will make reasonable efforts to limit Protected Information to the minimum necessary to accomplish the intended purpose of the use, disclosure or request. 3. Obligations, Safeguards and Activities of Business Associate. (a) Business Associate agrees not retain, use or disclose any Protected Information to which Business Associate may have access as a direct or indirect result of its business relationship with HMSA, except for the purposes permitted under this Agreement or as Required by Law. 2467681.1 3
(b) (c) (d) (e) (f) (g) Business Associate agrees to develop, implement and maintain administrative, physical and technical safeguards (including written policies and procedures) that reasonably and appropriately protect the confidentiality, integrity and availability of Protected Information that it creates, receives, maintains or transmits on behalf of HMSA from any intentional or unintentional use or disclosure in violation of the HIPAA Rules. To the extent the parties agree that Business Associate will carry out directly one or more of HMSA s obligations under the Privacy Rule, Business Associate will comply with the requirements of the Privacy Rule that apply to HMSA in the performance of such obligations. Business Associate agrees to protect against reasonably anticipated threats or hazards to the security or integrity of Protected Information, to protect against reasonably anticipated uses and disclosures of Protected Information that are not permitted or required under the Privacy Rule and to ensure compliance with the Security Rule. Business Associate will comply with the policies and procedures and documentation requirements of the Security Rule and to report to HMSA within 7 calendar days any suspected or known Security Incidents of which Business Associate becomes aware. If the Security Incident results in a Breach, Business Associate must make a report in accordance with Section 5 below. Business Associate will not transfer Protected Information outside of the United States without prior written consent of HMSA. In this context, a transfer outside of the United States occurs if Business Associate s workforce, agents, subcontractors physically located outside of the United States are able to access, use or disclose Protected Information. If Business Associate discloses Protected Information to a third party, including subcontractors, Business Associate agrees that it will obtain written assurances from the third party that (i) such Protected Information will be held confidential and only disclosed as Required by Law or for the purposes for which it is disclosed to the third party; (ii) the third party will apply the same restrictions and conditions that apply to Business Associate with respect to Protected Information, and (iii) the third party will immediately notify Business Associate of any Breaches of Protected Information, to the extent it has obtained knowledge of a Breach. Business Associate agrees to ensure that each employee and agent of Business Associate who has access to Protected Information agrees in writing to the same restrictions and conditions that apply through this Agreement to Business Associate with respect to such information. Business Associate shall ensure that any agent or subcontractor agrees to implement reasonable and appropriate safeguards to protect Protected Information. 2467681.1 4
(h) (i) (j) Business Associate will not engage in any sale (as defined in the HIPAA Rules) of Protected Information. At the reasonable request of HMSA, Business Associate agrees to provide HMSA such access to Protected Information that Business Associate, in violation of this Agreement, retained, used or disclosed. Business Associate agrees to make its internal practices, books, and records, including policies and procedures, relating to the use and disclosure of Protected Information available to HMSA and the Secretary of HHS for purposes of determining compliance with the HIPAA Rules. 4. Individual Rights. (a) (b) (c) Right to Access PHI. Business Associate will, within 15 calendar days following HMSA s request, make available to HMSA (or at HMSA s written direction, make available to the Individual or the Individual s designee) for inspection and copying an Individual s PHI that is in a Designated Record Set in Business Associate s custody or control, so that HMSA may meet its access obligations under 45 CFR 164.524. Effective March 26, 2013, if HMSA requests an electronic copy of PHI that is maintained electronically in a Designated Record Set in Business Associate s custody or control, Business Associate will provide an electronic copy in the form and format specified by HMSA if it is readily producible in that format. If it is not readily producible in electronic format, HMSA and Business Associate will work together to determine an alternative form and format that enable HMSA to meet its electronic access obligations under 45 CFR 164.524. Right to Amend PHI. Business Associate will, upon receipt of written notice from HMSA, promptly amend or permit HMSA access to amend any portion of an Individual s PHI that is inaccurate or incomplete in a Designated Record Set in the custody or control of Business Associate, so that HMSA may meet its amendment obligations under 45 CFR 164.526. Right to Obtain Accounting of Disclosures. Business Associate agrees to record disclosures of PHI, and to provide to HMSA such information as may be required for HMSA to respond to a request by an Individual for an accounting of disclosures of PHI in accordance with 45 CFR 164.528. Business Associate agrees to implement a process that allows it to collect and maintain the following information (i) the date of disclosure, (ii) the name of the entity or person who received the Protected Information, and if known, the address of the entity or person, (iii) a brief description of the Protected Information disclosed, and (iv) a brief statement of the purpose of the disclosure that will reasonably inform the Individual of the basis for the disclosure. If Business Associate receives a request for an accounting from an Individual, Business Associate must forward the request to HMSA within 7 calendar days so that HMSA can promptly respond to 2467681.1 5
the Individual requesting the accounting. Business Associate will not be obligated to record disclosures of PHI if HMSA is not required to account for such disclosures. (d) Restrictions on Use and Disclosure. Business Associate will comply with any written notice from HMSA to restrict use or disclosure of PHI pursuant to 45 CFR 164.522(a), or provide for confidential communications of PHI pursuant to 45 CFR 164.522(b). HMSA will promptly notify Business Associate in writing of the termination of any such restriction. 5. Notification of Breach (a) (b) (c) Business Associate agrees to notify HMSA in writing of any use or disclosure of Protected Information not permitted by this Agreement not more than 7 calendar days after Business Associate discovers the non-permitted use or disclosure. Business Associate agrees to notify HMSA s Privacy Official in writing of any potential Breach of Unsecured PHI not more than 10 calendar days after discovery of the potential Breach. Business Associate must treat a potential Breach as being discovered in accordance with 45 CFR 164.410. If a delay is requested by a law-enforcement official in accordance with 45 CFR 164.412, Business Associate may delay notifying HMSA for the applicable time period. Business Associate s report to HMSA will include the following information, and must be timely reported even in the absence of any required information: (i) (ii) (iii) (iv) (v) (vi) (vii) Identify the nature of the Breach, which must include a brief description of what happened, the date of any Breach and the date of discovery of any Breach; Identify the types of PHI that were involved in the Breach, including the types of identifiers for example, whether the full name, Social Security number, date of birth, home address, account number, or diagnosis; Identify who made the non-permitted use or disclosure and who received the non-permitted disclosure; Identify whether the PHI was actually acquired or viewed; Identify what corrective or investigational action Business Associate took or will take to prevent further non-permitted uses or disclosures, to mitigate harmful effects, and to protect against further Breaches; Identify what steps the Individuals who were subject to the Breach should take to protect themselves; and Provide any other information, including a written report and risk assessment in accordance with 45 CFR 164.402. 2467681.1 6
(d) Business Associate agrees to mitigate, to the extent practicable, any harmful effect that is known to Business Associate of a use or disclosure of Protected Information by Business Associate in violation of this Agreement or the HIPAA Rules. 6. Term and Termination. (a) (b) (c) (d) This Agreement is effective as of the date first above written, and shall terminate upon the termination of Business Associate s business relationship with HMSA. Upon HMSA s knowledge of a material breach of this Agreement by Business Associate, HMSA may, in its sole discretion, provide an opportunity for Business Associate to cure the breach or otherwise to end the violation and HMSA may terminate this Agreement and all agreements with Business Associate if Business Associate does not cure the breach or end the violation within the time specified by HMSA. If Business Associate knows of a pattern of activity or practice of HMSA that constitutes a material breach or violation of HMSA s obligations under this Agreement, Business Associate must take reasonable steps to cure the breach or end the violation. As one of the reasonable steps to cure the breach or end the violation, Business Associate must provide written notice to HMSA of any pattern of activity or practice of HMSA that Business Associate believes constitutes a material breach or violation of HMSA s obligations under this Agreement within 7 calendar days of discovery and agree to meet with HMSA to discuss and attempt to resolve the problem. If reasonable steps are not successful, the Business Associate must terminate this Agreement. Upon termination of this Agreement for any reason, the following provisions shall apply: (i) Except as provided in paragraph (d)(ii) of this Section, to the extent Business Associate, in violation of this Agreement, has retained any Protected Information to which Business Associate had access as a direct or indirect result of its business relationship with HMSA, Business Associate shall return or destroy all such Protected Information in whatever form or medium, including all copies and all data, compilations, and other works derived from PHI that allow identification of any Individual. This provision shall apply to Protected Information that is in the possession of employees, subcontractors or agents of Business Associate. Business Associate will require any subcontractor to certify to Business Associate that it has returned or destroyed all such information which could be returned or destroyed. Business Associate will complete these obligations as promptly as possible, but not later than 30 calendar days following the effective date of the termination of this Agreement. 2467681.1 7
(ii) In the event that Business Associate determines that returning or destroying Protected Information is infeasible, including any Protected Information that Business Associate has disclosed to any subcontractor, Business Associate shall provide to HMSA notification of the conditions that make return or destruction infeasible. For the period during which return or destruction of Protected Information is infeasible, Business Associate shall extend the protections of Section 3 this Agreement to such Protected Information and prevent further uses and disclosures of such Protected Information for as long as Business Associate maintains such Protected Information. Business Associate will also require any of its subcontractors to certify that it will do the same. 7. Miscellaneous. (a) (b) (c) (d) (e) (f) HMSA and Business Associate agree to take such action to amend this Agreement from time to time as is necessary to comply with the HIPAA Rules, and other applicable laws relating to the security or confidentiality of PHI or EPHI. HMSA may terminate this Agreement upon 10 days written notice in the event that Business Associate does not promptly enter into an amendment of this Agreement when requested by HMSA pursuant to this Section 7(a). The obligations of Business Associate under Section 6(d) of this Agreement shall survive the termination of this Agreement. Nothing express or implied in this Agreement is intended to confer, nor shall anything herein confer, upon any person other than HMSA, Business Associate and their respective successors or assigns, any rights, remedies, obligations or liabilities whatsoever. Except to the extent that federal law shall govern the validity and construction of this Agreement and each of its provisions shall be subject to and governed by the laws of the State of Michigan without giving effect to laws concerning choice of law or conflicts of law. All existing business associate agreements, as may be amended, between Covered Entity and Business Associate are subject to this Agreement and are hereby amended by this Agreement. In the event of a conflict between the terms of any service agreement, prior business associate agreement and this Agreement, the terms and conditions of this Agreement will govern. This Agreement may be executed in any number of counterparts, each of which constitutes an original, and all of which, taken together, constitute one and the same Agreement. Copies of signatures to this Agreement shall be deemed to be originals and may be relied upon to the same extent as the originals. 2467681.1 8
(g) BUSINESS ASSOCIATE ACKNOWLEDGES THAT EACH SECURITY AND PRIVACY REQUIREMENT UNDER HIPAA THAT APPLIES TO HMSA ALSO APPLIES DIRECTLY TO BUSINESS ASSOCIATE. IF BUSINESS ASSOCIATE VIOLATES HIPAA S SECURITY AND PRIVACY PROVISIONS IT IS SUBJECT TO CIVIL AND CRIMINAL ENFORCEMENT FOR FAILURE TO COMPLY WITH THE HIPAA RULES TO THE EXTENT PROVIDED BY THOSE RULES. In witness hereof, the parties have executed this Business Associate Agreement as of the date first written above. HMSA: Gary Lalicki Health Management Systems, Inc. By:, Privacy Official BUSINESS ASSOCIATE: By: Its: 2467681.1 9
EXHIBIT A TO HIPAA BUSINESS ASSOCIATE AGREEMENT PERMITTED USES AND DISCLOSURES OF PHI Business Associate is permitted to use and disclose any PHI to which it will have access as a direct or indirect result of Business Associate providing [an employee assistance program counselor who delivers medical and mental health assessments, short-term counseling and referring HMSA clients for appropriate treatment where necessary] to HMSA in compliance with this Agreement 2467681.1 10
Insurance Verification HMSA EAP Insurance Verification Dear Sir or Madam: As a Health Management Systems of America (HMSA) network provider applicant, I am required to supply the Plan with verification of current malpractice coverage, as well as a five-year claim history. I further agree to Hold Harmless my insurance carrier, stated herein, for release of said information. Please confirm my present coverage and send a Certificate of Insurance at each annual renewal to the following address: Thank you for your cooperation. Health Management Systems of America Attn: Provider Relations 601 Washington Blvd Detroit, Michigan 48226 Malpractice Insurance Carrier Policy Number / / Expiration Date Printed Name of Policyholder Signature of Policyholder (Provider) HMSA Provider Relations Department 601 Washington Boulevard Detroit, Michigan 48226-3130 Page 1 of 1 1-877-366-5552 Phone 313-962-0313 Fax www.hmsaproviders.com www.hmsanet.com
HMSA EAP Procedure Letter Updated 12.01.2015 Once a referral is made an Authorization of Service form will be sent via fax or email. The client will then be given your information so that they can call to schedule an appointment. The authorization of service form will contain the client s case number (client information on file), authorization number and the number of sessions authorized. All HMSA EAP Forms can be found at www.hmsaproviders.com. These forms can be downloaded separately or in a referral packet and should be saved for future use. The initial referral packet contains all the forms needed to see an HMSA EAP client including the claim forms. If you do not have access to the website, the initial referral packet can be faxed or emailed at your request. The client will need to fill out the following forms; however these do not need to be returned to HMSA: 1) Statement of Understanding (client signs) 2) Release of Information (client signs) 3) Notice of Privacy (client signs) Request for Re-Authorization A maximum of 3 sessions are authorized per authorization regardless of the client s benefit type. If a client has more than 3 sessions available the EAP affiliate may request the remaining sessions if needed. Complete the Request for Re-Authorization section located on the bottom of the authorization form and fax to (313) 962-0313. a. Once your request has been received it will be reviewed for clinical appropriateness. A new authorization of service form will be sent through our secure email or by fax. b. If you don t receive a new authorization form within 3 to 5 business days call or email to confirm request was received. c. If you don t have a fax, call 877-366-5552 or email providers@hmsanet.com with your request. d. When contacting our office make sure to reference the client s case number listed on the authorization of service form. e. It is the provider s responsibility to obtain re-authorization for remaining sessions prior to seeing an HMSA client. Requesting re-authorization does not guarantee approval. You must receive a new authorization number for any remaining sessions not previously authorized. Claims: Once EAP sessions are exhausted, fax or mail the HCFA 1500 Claim Form and HMSA Discharge Summary to HMSA for reimbursement. See HMSA Claims Instructions for further details on how to submit claims. Mandatory Referrals: If the client has been formally referred by a supervisor or Medical Department for an assessment, it is imperative that the HMSA counselor be contacted immediately after the first session. It is imperative that the Release of Information form be procured and signed by the client to you and HMSA. Information that needs to be relayed to the supervisor or Medical Department should be specifically discussed with the HMSA counselor so that the supervisor or the Medical Department can be updated regarding the status of the client. Only HMSA should communicate with the client s supervisor or Medical Department. If you have any questions or concerns, you may call our dedicated provider number at (877) 366-5552 or email us at providers@hmsanet.com. Thank You, HMSA Provider Relations HMSA Corporate Center 601 Washington Boulevard Detroit, Michigan 48226-3130 P: 877-366-5552 F: 313-962-0313 www.hmsaproviders.com www.hmsanet.com
HMSA EAP Claim Instructions Updated 1.4.2015 You will need to have an Authorization of Service form in order to fill out claims. This form is faxed or emailed prior to the client calling to request services. HMSA EAP claims forms and all other forms can be found at www.hmsaproviders.com. 1) HCFA 1500 Claim Form: -Submit when all EAP sessions are exhausted or after the 3 rd session and final EAP session. Fill out sections- 1a-7, 21, 24a/d/f, 25, 28, 31, 32, 33 #1a- Client information on file (Case number) #24d- CPT Code: 90837 (60 minute session) #24f- HMSA EAP contracted rate (as shown on the authorization of service form) We will not accept claims for less than 3 sessions unless client has been discharged. (see below) 2) HMSA Discharge Summary: -Submit after the final EAP session along with final 1500 claim form. Client Information on file is required -(Case number) If you are unsure if the client will return for services, and does not have another appointment scheduled within 30 days you may bill for services rendered by submitting both the 1500 form and D/C summary. Please note that the following conditions apply for reimbursement: Authorization is required for all EAP sessions rendered. (see EAP procedure letter) EAP sessions not authorized will not be reimbursed. Client shall be held harmless from payment for services rendered if the EAP affiliate has failed to obtain prior authorization. EAP Affiliate may not bill the client for any unauthorized sessions and may not balance bill the client. Client is responsible for any sessions rendered once EAP sessions are exhausted and should be informed when EAP sessions have been exhausted. Any claims received after 90 days of the last DOS will not be reimbursed. Reimbursement is not made for no-shows or cancellations. Address on W-9 on file must match the address listed on the 1500 claim form and, if different, payment will be held until either W-9 is corrected or 1500 form is corrected. Corrections to claims must be received within 30 days of request or claim will be denied and claim will have to be resubmitted. Fax claim forms to: 313-962-0313 or mail to: Attn: Provider Claims HMSA Provider Relations Department 601 Washington Blvd Detroit, MI 48226 Once we receive your claim it can take up to 4 to 6 weeks to receive payment. Please type or print clearly, incomplete or illegible forms could delay processing and may lead to denial of claims. If you have questions regarding claims contact 877-366-5552 or email providers@hmsanet.com. Please use the client s case number as reference when contacting our office. HMSA Provider Relations Department 601 Washington Boulevard Detroit, Michigan 48226-3130 877-366-5552 Phone 313-962-0313 Fax www.hmsanet.com www.hmsaproviders.com
Form W-9 (Rev. December 2014) Department of the Treasury Internal Revenue Service Request for Taxpayer Identification Number and Certification 1 Name (as shown on your income tax return). Name is required on this line; do not leave this line blank. Give Form to the requester. Do not send to the IRS. Print or type See Specific Instructions on page 2. 2 Business name/disregarded entity name, if different from above 3 Check appropriate box for federal tax classification; check only one of the following seven boxes: Individual/sole proprietor or single-member LLC C Corporation S Corporation Partnership Trust/estate Limited liability company. Enter the tax classification (C=C corporation, S=S corporation, P=partnership) Note. For a single-member LLC that is disregarded, do not check LLC; check the appropriate box in the line above for the tax classification of the single-member owner. Other (see instructions) 5 Address (number, street, and apt. or suite no.) 6 City, state, and ZIP code 4 Exemptions (codes apply only to certain entities, not individuals; see instructions on page 3): Exempt payee code (if any) Exemption from FATCA reporting code (if any) (Applies to accounts maintained outside the U.S.) Requester s name and address (optional) 7 List account number(s) here (optional) Part I Taxpayer Identification Number (TIN) Enter your TIN in the appropriate box. The TIN provided must match the name given on line 1 to avoid backup withholding. For individuals, this is generally your social security number (SSN). However, for a resident alien, sole proprietor, or disregarded entity, see the Part I instructions on page 3. For other entities, it is your employer identification number (EIN). If you do not have a number, see How to get a TIN on page 3. Note. If the account is in more than one name, see the instructions for line 1 and the chart on page 4 for guidelines on whose number to enter. Part II Certification Social security number or Employer identification number Under penalties of perjury, I certify that: 1. The number shown on this form is my correct taxpayer identification number (or I am waiting for a number to be issued to me); and 2. I am not subject to backup withholding because: (a) I am exempt from backup withholding, or (b) I have not been notified by the Internal Revenue Service (IRS) that I am subject to backup withholding as a result of a failure to report all interest or dividends, or (c) the IRS has notified me that I am no longer subject to backup withholding; and 3. I am a U.S. citizen or other U.S. person (defined below); and 4. The FATCA code(s) entered on this form (if any) indicating that I am exempt from FATCA reporting is correct. Certification instructions. You must cross out item 2 above if you have been notified by the IRS that you are currently subject to backup withholding because you have failed to report all interest and dividends on your tax return. For real estate transactions, item 2 does not apply. For mortgage interest paid, acquisition or abandonment of secured property, cancellation of debt, contributions to an individual retirement arrangement (IRA), and generally, payments other than interest and dividends, you are not required to sign the certification, but you must provide your correct TIN. See the instructions on page 3. Sign Here Signature of U.S. person General Instructions Section references are to the Internal Revenue Code unless otherwise noted. Future developments. Information about developments affecting Form W-9 (such as legislation enacted after we release it) is at www.irs.gov/fw9. Purpose of Form An individual or entity (Form W-9 requester) who is required to file an information return with the IRS must obtain your correct taxpayer identification number (TIN) which may be your social security number (SSN), individual taxpayer identification number (ITIN), adoption taxpayer identification number (ATIN), or employer identification number (EIN), to report on an information return the amount paid to you, or other amount reportable on an information return. Examples of information returns include, but are not limited to, the following: Form 1099-INT (interest earned or paid) Form 1099-DIV (dividends, including those from stocks or mutual funds) Form 1099-MISC (various types of income, prizes, awards, or gross proceeds) Form 1099-B (stock or mutual fund sales and certain other transactions by brokers) Form 1099-S (proceeds from real estate transactions) Form 1099-K (merchant card and third party network transactions) Date Form 1098 (home mortgage interest), 1098-E (student loan interest), 1098-T (tuition) Form 1099-C (canceled debt) Form 1099-A (acquisition or abandonment of secured property) Use Form W-9 only if you are a U.S. person (including a resident alien), to provide your correct TIN. If you do not return Form W-9 to the requester with a TIN, you might be subject to backup withholding. See What is backup withholding? on page 2. By signing the filled-out form, you: 1. Certify that the TIN you are giving is correct (or you are waiting for a number to be issued), 2. Certify that you are not subject to backup withholding, or 3. Claim exemption from backup withholding if you are a U.S. exempt payee. If applicable, you are also certifying that as a U.S. person, your allocable share of any partnership income from a U.S. trade or business is not subject to the withholding tax on foreign partners' share of effectively connected income, and 4. Certify that FATCA code(s) entered on this form (if any) indicating that you are exempt from the FATCA reporting, is correct. See What is FATCA reporting? on page 2 for further information. Cat. No. 10231X Form W-9 (Rev. 12-2014)